EU wants 'right to delete' for online personal data
Summary: The European Commission is in the process of drawing up legislation which may allow citizens of EU member states to delete data stored by websites and services.
The European Commission is in the process of drawing up legislation which may allow citizens of EU member states to delete data stored by websites and services.
With vast amounts of data held on us, most of it we put on ourselves, from social networking sites to paywall news sites which require credit or debit card details.
The EU is concerned that the laws regarding information security and storage are outdated, and in their view citizens should be able to remove their data from these sites and services in a short, simple process.
The problem is in regards to where the data is stored and the legislation covered under the EU may not be applicable to services held on non-EU soil. EC legislators are also trying to improve data cohesion by empowering the ordinary citizen to gain control over their own data.
EU member states and the European Commission could enact the finished, updated policy and force companies with a presence within the EU to comply, or face rejection or ceasing service.
This will no doubt be welcomed news to EU students, as now the proposal may allow measures such as needing to change a name by deed poll to escape the past in order to avoid missed employment opportunities will be unnecessary.
Do you think this is a good idea? Have your say.
Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.
Talkback
RE: EU wants 'right to delete' for online personal data
It's even a bit hard to imagine arguments against that...
RE: EU wants 'right to delete' for online personal data
RE: EU wants 'right to delete' for online personal data
I can see Google fighting this tooth and nail.
Not only that, it would devalue Google and Facebook stocks, and that of
If advertising cannot be targeted through the usage of collected data, chances are that Google and Facebood and Yahoo and Bing would suffer with reductions in profits.
RE: EU wants 'right to delete' for online personal data
Well, so be it then if that happens. That's what business is all about; running honest, trustworthy sites that don't covertly do ANYTHING to a user's machine. If they want data, let them ask me for it at a minimum, and if data is stored by agreement (passwords, etc. where cookies have a legitimate use), than that's fine as long as I was asked and had a legal recourse if they didn't follow up. 90% of web marketing is all messed up anyway by idiots and dumbos so let the user have the choice of whether they can have the data or not. And leaving credit cards: That is one of the silliest and stupidest rules on the net; I avoid them at all costs and look for substitue sites; NO webste is indispensable in today's world.
I like the idea. OTOH I'm also not too concerned about the data they do gather on me; I'm careful, keep confidential data encrypted and routinely trim out the junk. I don't even allow cookies unless I get some personal benefit out of it.
silly EU
gary
Looks like you didn't read the blogger's piece....
RE: EU wants 'right to delete' for online personal data
Once your data is out there, you can never reverse the process. IT people know this. It's a feel-good proposition at best. The real answer is education...people should give up on the myth that anything they type into the internet will ever be private.
gary
gdstark: you're changing your original point; but even your "new" point
Your original post was uninformed, and even your new point is tangential to the discussion.
But, no matter... I'll address it as well.
<i>Once your data is out there, you can never reverse the process.</i>
That's a duh!, point.
Most people with any kind of experience in using the 'net already know this.
<i>IT people know this.</i>
It's not just IT people that know this. Most people using the 'net already know "this".
<i>It's a feel-good proposition at best.</i>
You may think of it that way, but any proposition which turns into law, and which is written with major penalty or misdemeanor or felony charges, can be very effective.
<i>The real answer is education...</i>
Most people with years of experience on the internet already know the consequences of divulging too much personal information on the internet. It's good to educate people on the consequences, but, a huge number of people won't listen, or won't learn their lessons, until they're the ones caught in the grip of a major scandal stemming from use of their information from the internet. The prevalent mentality out there is that, "those kind of problems only happen to others, and not to me". There is also the mentality which feels that they don't have any major secrets to hide, or that their information is useless; that is, until somebody does use that information for ID theft or to learn more about the owner of that information (stalking, as an example).
<i>people should give up on the myth that anything they type into the internet will ever be private.</i>
I don't think that was the topic of of this discussion although it's related. The topic was about the EU making websites give the users the right and ability to "delete" their data from websites.
Now, if a law is drawn up to force websites to give people that ability, that law would have to be defined with penalties, including, in some cases, jail time for not putting the directives of that law into website management.
Now, if a user "deletes" his/her information from a website, as of that date, the website should never again be able to use that person's personal data to target the person for advertising, or for website promotions, or to even contact that person, whether that data is physically deleted or just marked as "deleted" or "non-active". And, after "deletion", if personal data is used without authorization to the point that it causes harm to a person, such as a leak of a raunchy video from/by/relating to that user, then the website should be held liable for damages to the person who thought that his/her data had been "deleted". That's what the law would be about, and not about whether the person's data was already out there or not; and it's also not about the lack of education about the dangers of the internet. Once a person recognizes the mistakes of divulging too much information, that person should be given the chance to "delete" that damaging information.
Get it?!?
RE: EU wants 'right to delete' for online personal data
As the article points out, the EU can't simply order the world to follow its laws, so that's problem #1.
Here's another problem...suppose you've made orders from Amazon.com. Now you want Amazon to delete all of your data. Do they also delete any record of your purchases? If so, wouldn't that make returns difficult if they never heard of you? Or suppose I purchase a gun. Would it be a problem to law enforcement if all evidence of the purchase is conveniently erased?
As someone who works with SQL, I'd like a few more details about how you think this is supposed to work. Do you REALLY want to delete the requestor's record personal record? That's a problem as there are typically many records attached to this identification record. Not saying it's impossible, but I'd like to hear the details on the implementation.
Back on the facebook thing, what happens to conversations that you participated in...do each of your responses get deleted? Or any conversation you participated in? And what if someone refers to you by name in a conversation...do you expect facebook to delete those references?
Personally I've walked away from sites from time to time (including Facebook). I've never felt like I wanted my information erased. Since I never gave them anything I cared about, I never wanted it back. I'm not saying that privacy isn't an issue with websites...just that this erasure idea doesn't seem very well thought out.
gary
gdstark: you're still misunderstanding the purpose for the EU's concerns...
RE: EU wants 'right to delete' for online personal data
I don't understand your answer to the "#1 problem", that of jurisdiction. How could the EU enforce laws on companies not in the EU. As you say, any contry can impose whatever laws it wants, but that's obviously not the same as enforcing those laws. That's why the idea seems impractical to me.
gary
gdstark: you're still misunderstanding (continued...)
gdstark: I already offered a solution to your "#1 problem"...
RE: EU wants 'right to delete' for online personal data
Did you actually read this? It's nothing to do with censoring the internet or dictating what people post, it is about giving people the right to reclaim their personal data, should they decide they don't want a company to have it anymore.
They should go one step further and band Google and their creepy engineers
RE: EU wants 'right to delete' for online personal data
Uh, no. Most identity theft is still achieved through analog means. The biggest element of identity theft online is the online blackmarket of personal data. Which is to say, if the good guys neglect to use the web, it just gives freer reign to the criminals. Oh, here's the perfect example. Japan was so good at using guns in warfare, that they forbid guns in Japan. It reduced internal strife for a little bitty bit, until the upstart U.S. wandered in and forced the entire nation into submission with 3 ships. Same thing. It's stupid to be afraid of tools. Fear the people using them.
they should go future
EU turn the screws down tightly on these sites.
Go one step futher